ASIC releases whistleblower policy guidance and exempts small not-for-profits: what you need to know

Ahead of the 1 January 2020 deadline for thousands of Australian employers to implement a whistleblower policy, the Australian Securities & Investments Commission (ASIC) has released its Regulatory Guide 270 to Australia’s new whistleblower laws.

ASIC’s guide is intended to assist employers to establish whistleblower policies that comply with their obligations under the new whistleblower regime.  The guide also provides helpful information on good practice in relation to implementing and maintaining a compliant whistleblower policy.

ASIC will use the guide to inform its administration and enforcement of the new whistleblower laws which came into effect on 1 July 2019. It’s important for employers to be aware of the guide’s recommendations when preparing a whistleblower policy.

Who needs a whistleblower policy?

The new whistleblower laws are contained in the Corporations Act 2001 (Cth) (Corporations Act) and the Taxation Administration Act 1953 (Cth).  The new laws require public companies, large proprietary companies and trustees of superannuation entities to have a whistleblower policy that is made available to their officers and employees.

Although it is not strictly necessary for companies that fall outside of those categories to have a whistleblower policy, all companies are required to comply with the general whistleblower provisions in the Corporations Act.

As such, many employers will benefit from voluntarily implementing and maintaining a whistleblower policy to assist compliance.

Exemption for not-for-profits and charities

ASIC has granted relief from the requirement to have a whistleblower policy to small not-for-profits and charities.  Not-for-profit companies limited by guarantee with a revenue (or consolidated revenue) of less than $1 million in any given financial year will be exempt from the requirement to implement a whistleblower policy in that financial year.

That said, small not-for profits or charities may elect to adopt a whistleblower policy.

What must your whistleblower policy contain?

If an employer is required to have a whistleblower policy, then that policy must include the following features as required by the Corporations Act:

• Information about the protections available to eligible whistleblowers, including protections under the Corporations Act.
• Information about to whom disclosures that qualify for protection under the Corporations Act may be made, and how they may be made.
• Information about how the employer will support eligible whistleblowers and protect them from detriment.
• Information about how the employer will investigate disclosures that qualify for protection under the Corporations Act.
• Information about how the employer will ensure fair treatment of employees of the company who are mentioned in disclosures that qualify for protection under the Corporations Act, or to whom such disclosures relate.
• Information about how the policy is to be made available to officers and employees of the employer.

ASIC’s additional requirements

The requirements under the Corporations Act (set out above) are expressed in broad terms, and may be communicated in a variety of ways in a whistleblower policy.  However, they should be interpreted in light of ASIC’s regulatory guide, which adds helpful meaning and context to the Corporations Act’s requirements.

ASIC’s view is that a whistleblower policy must include the following, in addition to the above requirements:

• A brief explanation about the purpose of the policy.
• The different types of disclosers within and outside the employer who can make a disclosure that qualifies for protection.
• The criteria for a discloser to qualify for protection as a whistleblower under the Corporations Act.
• Examples of the types of wrongdoing that can be reported, based on the employer’s business operations and practices.
• Examples of the types of matters that are not covered by the policy (eg personal work-related grievances).
• A statement that disclosures that are not about disclosable matters do not qualify for protection under the Corporations Act.
• Information about who a discloser can contact to obtain additional information before making a disclosure.
• The different options available for making a disclosure, including allowance for disclosures to be made anonymously, confidentially, securely and outside of business hours. It must also provide information about how to access each option, along with the relevant instructions.
• A statement that disclosures can be made anonymously and still be protected under the Corporations Act.
• Information about the protections available to disclosers who qualify for protection as an eligible whistleblower, including identity protection (confidentiality), protection from detrimental acts or omissions, compensation and remedies, and liability protection.
• The employer’s measures for supporting disclosers and protecting eligible whistleblowers from detriment in practice, including examples of how the employer will protect the confidentiality of the discloser’s identity, and protect eligible whistleblowers from detrimental acts or omissions.

Our team of whistleblower experts would be pleased to assist your organisation in preparing, implementing and maintaining an appropriate whistleblower policy.

This article was written with the assistance of Anthony Hallal, Lawyer.